TECHNICAL FIELD
[0001] The present invention relates to the field of electronic technologies, and in particular,
to a method and device for downloading a profile of an operator.
BACKGROUND
[0002] An embedded universal integrated circuit card (Embedded Universal Integrated Circuit
Card, eUICC) is formed by embedding (packaging, welding, or the like) a conventional
universal integrated circuit card (Universal Integrated Circuit Card, UICC) into a
terminal, which cannot be inserted or removed, and cannot be freely changed as a conventional
UICC card either.
[0003] An existing SIM card or UICC card is generally ordered by a mobile network operator
(Mobile Network Operator, MNO) from a card manufacturer, and therefore, subscription
information that is needed for accessing a network of a mobile operator has been downloaded
into the card before factory delivery. After purchasing a SIM card or a UICC card,
a user can access a network after inserting the card into a terminal. However, an
eUICC is unnecessarily purchased by an operator, and may be integrated into a terminal
for selling after a terminal manufacturer purchases the card. Therefore, in a profile
of the eUICC, only one file can access a remote management platform (such as a subscription
manager-secure routing (Subscription Manager-Secure Routing, SM-SR)). After the eUICC
is embedded into the terminal, a profile (marked as a profile) of an operator may
be downloaded into the eUICC according to a remote management technology by using
a subscription manager-data preparing (Subscription Manager-Data Preparing, SM-DP)
and the SM-SR. Then, the eUICC may access a network by using the downloaded profile.
[0004] For example,
KR 2013 0026958 A refers to a certification method using an embedded UICC certificate.
[0005] Currently, the Global System for Mobile Communications Assembly (Global System for
Mobile Communications, GMSA) formulates a method for downloading a profile of an operator,
and a procedure of the method is generally as follows:
Step 1: An MNO sends, to an SM-DP, a request for downloading a profile, where the
request carries an identity (Identity, ID) of an SM-SR, an ID of a target eUICC (eID),
and an integrated circuit card identity (Integrate Circuit Card Identity, ICCID) of
the profile that needs to be downloaded.
Step 2: The SM-DP finds, according to the ID of the SM-SR, an SM-SR with which the
eUICC currently registers.
Step 3: The SM-DP requests related information (which is included in an eUICC information
set (eUICC Information Set, EIS), and may specifically include: a type, a version
number, a production data that are of the eUICC, a credential of the eUICC, current
files that are of various operators and are in the eUICC and statuses of the profiles,
current storage space of the eUICC, and the like) of the eUICC from the SM-SR.
Step 4: The SM-DP determines, according to the EIS, whether the profile can be downloaded
into the eUICC (for example, the SM-DP determines whether the credential of the eUICC
is valid, whether the storage space of the eUICC is sufficient, and the like).
Step 5: If the SM-DP finds that the profile cannot be downloaded into the eUICC (for
example, the SM-DP determines that the credential of the eUICC is invalid, or the
storage space of the eUICC is insufficient), the SM-DP returns error information to
the SM-SR and the MNO.
Step 6: If the SM-DP finds that the profile can be downloaded into the eUICC, the
SM-DP sends a request for downloading and installing the profile, and sends an encrypted
profile to the eUICC; the eUICC decrypts the profile and installs the profile.
[0006] It can be learned from the foregoing procedure that, in the prior art, a procedure
for downloading a profile is sent from a network side (MNO), and the MNO needs to
know an identity (ID) of an eUICC in advance. However, different from a UICC, the
eUICC is unnecessarily purchased by the MNO, and may be purchased by a device manufacturer;
therefore, the MNO unnecessarily knows the ID of the eUICC in advance. When the MNO
does not know an eUICC of a device, the solution in the prior art cannot be implemented.
In addition, in the prior art, at the beginning, an object that can downloads the
profile can be used by only some authorized eUICCs. In addition, because the request
for downloading the profile is sent from the MNO on the network side, it is required
to ensure that when the profile is being downloaded, a terminal device has been started
and a connection between the terminal device and an SM-SR has been established, and
an end user cannot freely select an opportunity for downloading the profile.
SUMMARY
[0007] Embodiments of the present invention provide a method for downloading a profile of
an operator as set out by claim 1, and a terminal as set out by claim 8. A terminal
side (a terminal of an eUICC) may initiate a request for downloading a profile of
an operator, and the operator does not need to know an identity of the eUICC in advance;
a range of objects that can download the profile of the operator may be extended to
all eUICCs, and an end user may freely select an opportunity for downloading the profile
of the operator.
[0008] The invention is defined in the independent claims. Additional features of the invention
are provided in the dependent claims.
BRIEF DESCRIPTION OF DRAWINGS
[0009]
FIG. 1 is a schematic flowchart of a method for downloading a profile of an operator
according to a first embodiment of the present invention;
FIG. 2 is a schematic flowchart of a method for downloading a profile of an operator
according to a second embodiment of the present invention;
FIG. 3 is a schematic flowchart of a method for downloading a profile of an operator
according to a third embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a terminal according to a fourth embodiment
of the present invention;
FIG. 5 is a schematic structural diagram of an acquiring module 42 according to the
fourth embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a terminal according to a fifth embodiment
of the present invention;
FIG. 7 is a schematic structural diagram of an embedded universal integrated circuit
card eUICC according to a sixth embodiment of the present invention;
FIG. 8 is a schematic structural diagram of an acquiring module 71 according to the
sixth embodiment of the present invention;
FIG. 9 is a schematic structural diagram of a subscription manager-data preparing
SM-DP according to a seventh embodiment of the present invention;
FIG. 10 is a schematic structural diagram of a terminal according to an eighth embodiment
of the present invention;
FIG. 11 is a schematic structural diagram of an eUICC according to a ninth embodiment
of the present invention;
FIG. 12 is a schematic structural diagram of an SM-DP according to a tenth embodiment
of the present invention;
FIG. 13 is a detailed schematic flowchart of a method for downloading and installing
a profile of an operator according to an eleventh embodiment of the present invention;
and
FIG. 14 is a detailed schematic flowchart of a method for downloading and installing
a profile of an operator according to a twelfth embodiment of the present invention.
DESCRIPTION OF EMBODIMENTS
[0010] To make the objectives, technical solutions, and advantages of the present invention
clearer, the following further describes the present invention in detail with reference
to the accompanying drawings.
[0011] FIG. 1 is a schematic flowchart of a method for downloading a profile of an operator
according to a first embodiment of the present invention. As shown in FIG. 1, the
method may include the following steps:
Step S110: A terminal acquires a download certificate used to download a profile of
an operator and addressing information of a subscription manager-data preparing SM-DP
that stores the profile of the operator, where the address information is used to
find the SM-DP.
[0012] In specific implementation, the method for downloading a profile of an operator in
the present invention may be executed from step S111, and step S110 may be a pre-step.
That is, it is unnecessary to execute step S110 each time before a profile of an operator
is downloaded.
[0013] In specific implementation, before step S110, the operator (for example, an MNO)
may entrust the subscription manager-data preparing SM-DP to generate the profile
of the operator (which is generally referred to as a profile of the operator for short).
The profile may include subscription data that is of the operator and is needed for
accessing a network of the operator, such as an international mobile subscriber identity
(International Mobile Subscriber Identification Number, IMSI), a Ki (16-byte key data
generated by a card manufacturer), and an encryption algorithm. The profile may further
include installation or revision packages of various applications, for example, may
include an installation package of Fetion and an update package of QQ. Optionally,
similar to the prior art, the operator may further limit, by using the SM-DP, a terminal
that can download the profile of the operator. For example, the operator may store,
in the SM-DP, an identity of the terminal that can download the profile of the operator
or a classification identity of the terminal.
[0014] In specific implementation, the addressing information of the SM-DP may include information
such as an identity of the SM-DP (for example, an ID of the SM-DP) or an address of
the SM-DP, where the identity uniquely identifies the SM-DP.
[0015] In specific implementation, before step S110, the operator (for example, an MNO)
may further generate or entrust the SM-DP to generate information such as the certificate
for downloading the profile of the operator and an identity of the profile of the
operator. In specific implementation, the identity of the profile of the operator
may be an ICCID or any other identity that can uniquely identify the profile of the
operator. In this case, in step S110, the terminal may further acquire information
such as the identity of the profile of the operator.
[0016] In specific implementation, in step S110, the terminal may acquire, in multiple ways,
information such as the download certificate used to download the profile of the operator,
the addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator, where
these ways include but are not limited to:
The terminal logs in to a network platform of the operator by using built-in application
software of the terminal, and acquires, from the network platform, the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator.
[0017] Alternatively, the terminal receives the information such as the download certificate
used to download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator, where the information is manually entered by a user.
In the manner, the user may acquire, in multiple ways, the download certificate used
to download the profile of the operator and the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator. For example,
the user may purchase a dedicated information card, and acquire, by dialing a particular
phone number on the information card or entering a particular verification code on
the information card, the download certificate used to download the profile of the
operator and the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator; or the user may directly read, from
a purchased information card, the download certificate used to download the profile
of the operator and the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator. For another example, the user may further
directly go to a retail store or a business hall of the operator, and acquire, from
a customer service representative of the operator, the download certificate used to
download the profile of the operator and the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator. For another
example, the end user may further log in to a network platform of the operator by
using built-in application software of a device except the terminal, and acquire,
from the network platform, the download certificate used to download the profile of
the operator and the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator.
[0018] Alternatively, the terminal acquires, by scanning a two-dimensional code, the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator.
[0019] In specific implementation, in this embodiment of the present invention, the certificate
for downloading the profile of the operator is uniquely corresponding to the profile
of the operator, and is used as a unique certificate for downloading the profile of
the operator. In specific implementation, the download certificate may be in various
forms, which include but are not limited to:
The certificate for downloading the profile of the operator is a randomly generated
sequence code.
[0020] Alternatively, the certificate for downloading the profile of the operator is a string
of encoded data generated by encrypting metadata of the profile of the operator. A
manner of the encryption may be one of various existing encryption manners, and a
form of the encoded data may be an ordinary binary code, or may be a two-dimensional
code or the like. The metadata may be extracted from the profile of the operator.
For example, the metadata may be an ICCID. Step S111: The terminal sends, to the SM-DP
by using a subscription manager-secure routing SM-SR, a request for downloading the
profile of the operator, where the download request carries the certificate for downloading
the profile of the operator, an ID of an embedded universal integrated circuit card
eUICC of the terminal, and the addressing information of the SM-DP.
[0021] In specific implementation, optionally, the download request may further include
the identity of the profile of the operator.
[0022] Optionally, the addressing information of the SM-DP may be further carried in the
download certificate of the download request, for example, carried in the randomly
generated sequence code, or carried in the string of encoded data generated by encrypting
the metadata. In this case, the SM-SR may be notified, in advance, of a method for
acquiring the addressing information of the SM-DP from the download certificate; for
example, the SM-SR may be notified of a location that is of the SM-DP and is in the
download certificate or a decryption method.
[0023] Optionally, the download request may further include information such as an identity
of the terminal or a classification identity of the terminal.
[0024] In specific implementation, in step S111, the terminal specifically sends, to an
SM-SR with which the eUICC registers, the request for downloading the profile of the
operator, where the download request carries the certificate for downloading the profile
of the operator, the ID of the embedded universal integrated circuit card eUICC of
the terminal, and the addressing information of the SM-DP, so that after finding the
SM-DP according to the addressing information of the SM-DP, the SM-SR forwards, to
the SM-DP, the download request that includes the certificate for downloading the
profile of the operator and the ID of the eUICC. Optionally, the forwarded request
may also include information such as the identity of the profile of the operator and
the identity of the terminal or the classification identity of the terminal.
[0025] In specific implementation, before the terminal sends, to the SM-SR with which the
eUICC registers, the request for downloading the profile of the operator, the eUICC
of the terminal and the SM-SR need to perform bidirectional authentication. Similarly,
before the SM-SR forwards the download request to the SM-DP, the SM-SR and the SM-DP
also need to perform bidirectional authentication, and the SM-SR may verify whether
a profile conflicting with the profile of the operator that is currently requested
to download has already been downloaded into the eUICC (for example, a mobile on-net
user of a mobile operator can access only a mobile network, and cannot access a telecommunications
network; in this case, if an eUICC of a mobile terminal requests to download a profile
of a telecommunications operator, even though the eUICC acquires information such
as an SM-DP and a certificate for downloading the profile of the telecommunications
operator, the eUICC cannot download the profile of the operator due to a profile restriction
policy of the operator); if there is a conflicting file, the SM-SR may stop a procedure
such as forwarding the request that is for downloading the profile of the operator
and is sent by the terminal. All mentioned above are similar to those in the prior
art, and details are not described herein again. In specific implementation, in step
S111, the download request sent by the terminal may be generated by the terminal,
or may be generated by the eUICC of the terminal. When the download request sent by
the terminal is generated by the terminal, after step S110 and before step S111, the
method in this embodiment of the present invention may further include the following
steps (not shown in the figure):
S10. The terminal reads, from the eUICC, the ID of the eUICC and addressing information
of an SM-SR with which the eUICC registers, and finds the SM-SR according to the addressing
information, where the ID of the eUICC is used to notify the SM-DP of an eUICC into
which the profile of the operator needs to be downloaded; the addressing information
of the SM-SR is used to enable the terminal to find the SM-SR that is used to forward
the request for downloading the profile of the operator, so as to forward, to the
SM-DP by using the SM-SR, the request for downloading the profile of the operator,
and the addressing information of the SM-SR may include an identity or address of
the SM-SR.
[0026] In specific implementation, in S10, the terminal may read, by using an application
protocol data unit (Application Protocol Data Unit, APDU) message, such as a READ
RECORD command, the request that is for downloading the profile of the operator and
is generated by the eUICC.
[0027] S11. The terminal generates the request for downloading the profile of the operator,
where the download request carries the certificate for downloading the profile of
the operator, the ID of the eUICC of the terminal, and the addressing information
of the SM-DP. Optionally, the generated download request may further include the information
such as the identity of the profile of the operator, the identity of the terminal,
or the classification identity of the terminal.
[0028] In this case, in this embodiment of the present invention, the request for downloading
the profile of the operator is actually generated by the terminal, the terminal serves
as an initiator of the request for downloading the profile of the operator, and the
download request does not pass through the eUICC into which the profile of the operator
really needs to be downloaded.
[0029] When the download request sent by the terminal is generated by the eUICC of the terminal,
after step S110 and before step S111, the method in this embodiment of the present
invention may further include the following steps (not shown in the figure):
S20. The terminal sends, to the eUICC, the acquired download certificate used to download
the profile of the operator and the acquired addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator.
[0030] Optionally, in S20, the terminal may further send, to the eUICC, the identity of
the profile of the operator and the identity of the terminal or the classification
identity of the terminal.
[0031] In specific implementation, in S20, similarly, the terminal may send, to the eUICC
by using an APDU message, the acquired download certificate used to download the profile
of the operator and the acquired addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator. For example, in this embodiment
of the present invention, an INSTALL command defined in an existing global platform
card specification (Global Platform Card Specification, GPCS) may be extended, and
a DATA field of the INSTALL command carries the download certificate used to download
the profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, the identity of the profile
of the operator, the identity of the terminal or the classification identity of the
terminal, and the like.
[0032] Optionally, in specific implementation, when or after sending, to the eUICC, the
acquired download certificate used to download the profile of the operator and the
acquired addressing information of the subscription manager-data preparing SM-DP that
stores the profile of the operator, the terminal may further send, to the eUICC, a
command of requesting or instructing the eUICC to generate and send the request for
downloading the profile of the operator. For example, the terminal may add a dedicated
character or code to the INSTALL command and use the dedicated character or code as
a message of requesting the eUICC to generate and send the request for downloading
the profile of the operator. For example, a new code is set for the INSTALL command,
and the new code is carried in a PI field of the INSTALL to indicate that the INSTALL
command is the command of requesting or instructing the eUICC to generate and send
the request for downloading the profile of the operator.
[0033] S21. The terminal receives, from the eUICC, the request that is for downloading the
profile of the operator and is generated by the eUICC, where the download request
carries the certificate for downloading the profile of the operator, the ID of the
eUICC of the terminal, and the addressing information of the SM-DP.
[0034] In specific implementation, in S21, similarly, the terminal may receive, from the
eUICC by using an APDU message, the request that is for downloading the profile of
the operator and is generated by the eUICC. For example, in this embodiment of the
present invention, an INSTALL command defined in an existing global platform card
specification (Global Platform Card Specification, GPCS) may be extended, and a DATA
field of the INSTALL command carries the download certificate used to download the
profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, the identity of the profile
of the operator, the identity of the terminal or the classification identity of the
terminal, and the like, where the download certificate, the addressing information,
the identity of the profile of the operator, the identity of the terminal or the classification
identity of the terminal, and the like are in the download request.
[0035] In this case, in this embodiment of the present invention, the request for downloading
the profile of the operator is actually generated by the eUICC, the eUICC serves as
an initiator of the request for downloading the profile of the operator, and the terminal
provides a function of transparently transmitting the request that is for downloading
the profile of the operator and is generated by the eUICC.
[0036] Step S112: The terminal receives the profile of the operator that is sent by the
SM-DP by using the SM-SR and that is corresponding to the download request, and transmits
the profile of the operator to the eUICC, where the profile of the operator is obtained
by the SM-DP according to an identity of the profile of the operator after the SM-DP
verifies that the certificate that is for downloading the profile of the operator
and is carried in the download request is valid.
[0037] In specific implementation, because download certificates are different, manners
in which the SM-DP verifies that the certificate that is for downloading the profile
of the operator and is carried in the download request is valid are also different.
[0038] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the SM-DP determines that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid.
[0039] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the SM-DP decodes, according to a locally stored decryption
key, encoded data carried in the download request is the same as metadata that is
of the profile of the operator and is stored in the SM-DP, the SM-DP determines that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid.
[0040] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the SM-DP specifically obtains the profile of the operator according to the identity
that is of the profile of the operator and is carried in the download request.
[0041] Certainly, in specific implementation, the SM-DP may further acquire index information
according to the identity that is of the profile of the operator and is locally stored
in the SM-DP, locally search the SM-DP for the identity of the profile of the operator,
and acquire the profile of the operator according to the found identity of the profile
of the operator.
[0042] Optionally, when the download request includes the information such as the identity
of the terminal or the classification identity of the terminal, only after verifying
that the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, the SM-DP can acquire,
according to the identity of the profile of the operator, the profile of the operator
that is stored in the SM-DP and is corresponding to the download request.
[0043] It can be learned from above that, in some feasible implementation manners of the
present invention, a request for downloading a profile of an operator is initiated
by a terminal in this embodiment of the present invention, which avoids a case in
which the operator needs to know, in advance, identity information of an eUICC of
the terminal that needs to download the profile of the operator. In addition, in this
embodiment of the present invention, an SM-DP verifies whether a download certificate
in the download request is valid to determine whether the initiated download request
is valid, without verifying whether an object of the download request is valid any
longer; moreover, the download certificate may be obtained by the terminal before
the terminal initiates the download request. Therefore, the terminal can acquire the
certificate for downloading the profile of the operator, provided that the terminal
needs to download the profile of the operator into the eUICC of the terminal. That
is, in this embodiment of the present invention, a range of objects that can download
the profile of the operator may be extended to all eUICCs. In addition, in this embodiment
of the present invention, because the request for downloading the profile of the operator
is initiated by the terminal, an end user certainly can freely select an opportunity
for downloading the profile of the operator.
[0044] FIG. 2 is a schematic flowchart of a method for downloading a profile of an operator
according to a second embodiment of the present invention. As shown in FIG. 2, the
method may include the following steps:
Step S210: An embedded universal integrated circuit card eUICC acquires a download
certificate used to download a profile of an operator and addressing information of
a subscription manager-data preparing SM-DP that stores the profile of the operator.
[0045] In specific implementation, before step S210, the operator (for example, an MNO)
may entrust the subscription manager-data preparing SM-DP to generate the profile
of the operator (which is generally referred to as a profile of the operator for short).
The profile may include subscription data that is of the operator and is needed for
accessing a network of the operator, such as an international mobile subscriber identity
(International Mobile Subscriber Identification Number, IMSI), a Ki (16-byte key data
generated by a card manufacturer), and an encryption algorithm. The profile may further
include installation or revision packages of various applications, for example, may
include an installation package of Fetion and an update package of QQ. Optionally,
similar to the prior art, the operator may further limit, by using the SM-DP, a terminal
that can download the profile of the operator. For example, the operator may store,
in the SM-DP, an identity of the terminal that can download the profile of the operator
or a classification identity of the terminal.
[0046] In specific implementation, the addressing information of the SM-DP may include information
such as an identity or address of the SM-DP, where the identity uniquely identifies
the SM-DP.
[0047] In specific implementation, before step S210, the operator (for example, an MNO)
may further generate or entrust the SM-DP to generate information such as the certificate
for downloading the profile of the operator and an identity of the profile of the
operator. In specific implementation, the identity of the profile of the operator
may be an ICCID or any other identity that can uniquely identify the profile of the
operator. In this case, in step S210, the eUICC may further acquire information such
as the identity of the profile of the operator and an identity of a terminal or a
classification identity of the terminal.
[0048] In specific implementation, in step S210, the eUICC may acquire, in multiple ways,
information such as the download certificate used to download the profile of the operator,
the addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator, where
these ways include but are not limited to:
The eUICC receives, from the terminal, the information such as the download certificate
used to download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator.
[0049] In specific implementation, the eUICC may receive, from the terminal by using an
APDU message, the information such as the download certificate used to download the
profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, and the identity of the profile
of the operator. For example, in this embodiment of the present invention, an INSTALL
command defined in an existing global platform card specification (Global Platform
Card Specification, GPCS) may be extended, and a DATA field of the INSTALL command
carries the information such as the download certificate used to download the profile
of the operator, the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator, and the identity of the profile of
the operator.
[0050] Alternatively, the eUICC receives the download certificate used to download the profile
of the operator and the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator, where the download certificate and
the addressing information are entered by a user by using an interface of software
(for example, SIM application toolkit (SIM application toolkit, SAT) software) that
is in the eUICC and is for downloading a profile of an operator. In the manner, the
user may acquire, in multiple ways, the information such as the download certificate
used to download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator. For example, the user may purchase a dedicated information
card, and acquire, by dialing a particular phone number on the information card or
entering a particular verification code on the information card, the download certificate
used to download the profile of the operator and the addressing information of the
subscription manager-data preparing SM-DP that stores the profile of the operator;
or the user may directly read, from a purchased information card, the download certificate
used to download the profile of the operator and the addressing information of the
subscription manager-data preparing SM-DP that stores the profile of the operator.
For another example, the user may further directly go to a retail store or a business
hall of the operator, and acquire, from a customer service representative of the operator,
the download certificate used to download the profile of the operator and the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator. For another example, the end user may further log in to a network
platform of the operator by using built-in application software of a device except
the terminal, and acquire, from the network platform, the download certificate used
to download the profile of the operator and the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator.
[0051] Alternatively, the eUICC logs in to a network platform of the operator by using built-in
application software of the eUICC, and acquires, from the network platform, the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator.
[0052] In specific implementation, in this embodiment of the present invention, the certificate
for downloading the profile of the operator is uniquely corresponding to the profile
of the operator, and is used as a unique certificate for downloading the profile of
the operator. In specific implementation, the download certificate may be in various
forms, which include but are not limited to:
The certificate for downloading the profile of the operator is a randomly generated
sequence code.
[0053] Alternatively, the certificate for downloading the profile of the operator is a string
of encoded data generated by encrypting metadata of the profile of the operator. A
manner of the encryption may be one of various existing encryption manners, and a
form of the encoded data may be an ordinary binary code, or may be a two-dimensional
code or the like. The metadata may be extracted from the profile of the operator.
For example, the metadata may be an ICCID.
[0054] Step S211: The eUICC generates a request for downloading the profile of the operator,
where the download request carries the certificate for downloading the profile of
the operator, an ID of the eUICC, and the addressing information of the SM-DP.
[0055] Optionally, the download request in step S211 may further include information such
as the identity of profile of the operator, the terminal identity of the terminal,
or the classification identity of the terminal.
[0056] Optionally, the addressing information of the SM-DP may be further carried in the
download certificate of the download request, for example, carried in the randomly
generated sequence code, or carried in the string of encoded data generated by encrypting
the metadata. In this case, the SM-SR may be notified, in advance, of a method for
acquiring the addressing information of the SM-DP from the download certificate; for
example, the SM-SR may be notified of a location that is of the SM-DP and is in the
download certificate or a decryption method.
[0057] In specific implementation, before step S211, the eUICC may further receive, from
the terminal, a command of requesting or instructing the eUICC to generate the request
for downloading the profile of the operator. Alternatively, the eUICC may further
receive a command of requesting or instructing the eUICC to generate the request for
downloading the profile of the operator, where the command is entered by the user
or sent by another device. In specific implementation, similarly, the terminal may
send the command by using an APDU message; for example, the terminal may extend an
INSTALL command defined in a GPCS, and a dedicated character or code is added to the
INSTALL command and is used as the command of requesting the eUICC to generate and
send the request for downloading the profile of the operator. For example, a new code
is set for the INSTALL command, and the new code is carried in a P1 field of the INSTALL
to indicate that the INSTALL command is the command of requesting or instructing the
eUICC to generate and send the request for downloading the profile of the operator.
[0058] Step S212: The eUICC sends, to the SM-DP by using the SM-SR, the generated request
for downloading the profile of the operator.
[0059] Similarly, in specific implementation, the method in the second embodiment of the
present invention may be executed from step S212, and steps S210 and S211 may be pre-steps.
That is, it is unnecessary to execute steps S210 and S211 each time before a profile
of an operator is downloaded. In specific implementation, in step S212, the eUICC
specifically sends, to an SM-SR with which the eUICC registers, the request for downloading
the profile of the operator, where the download request carries the certificate for
downloading the profile of the operator, the ID of the embedded universal integrated
circuit card eUICC of the terminal, and the addressing information of the SM-DP, so
that after finding the SM-DP according to the addressing information of the SM-DP,
the SM-SR forwards, to the SM-DP, the download request that includes the certificate
for downloading the profile of the operator and the ID of the eUICC. Optionally, the
forwarded request may also include the information such as the identity of the profile
of the operator and the identity of the terminal or the classification identity of
the terminal.
[0060] In specific implementation, before the eUICC sends, to the SM-SR with which the eUICC
registers, the request for downloading the profile of the operator, the eUICC and
the SM-SR need to perform bidirectional authentication. Similarly, before the SM-SR
forwards the download request to the SM-DP, the SM-SR and the SM-DP also need to perform
bidirectional authentication, and the SM-SR may verify whether a profile conflicting
with the profile of the operator that is currently requested to download has already
been downloaded into the eUICC (for example, a mobile on-net user of a mobile operator
can access only a mobile network, and cannot access a telecommunications network;
in this case, if an eUICC of a mobile terminal requests to download a profile of a
telecommunications operator, even though the eUICC acquires information such as an
SM-DP and a certificate for downloading the profile of the telecommunications operator,
the eUICC cannot download the profile of the operator due to a profile restriction
policy of the operator); if there is a conflicting file, the SM-SR may stop a procedure
such as forwarding the request that is for downloading the profile of the operator
and is sent by the eUICC. All mentioned above are similar to those in the prior art,
and details are not described herein again. Step S213: The eUICC receives the profile
of the operator that is sent by the SM-DP by using the subscription manager-secure
routing SM-SR and that is corresponding to the download request, where the profile
of the operator is obtained by the SM-DP according to an identity of the profile of
the operator after the SM-DP verifies that the certificate that is for downloading
the profile of the operator and is carried in the download request is valid.
[0061] In specific implementation, because download certificates are different, manners
in which the SM-DP verifies that the certificate that is for downloading the profile
of the operator and is carried in the download request is valid are also different.
[0062] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the SM-DP determines that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid.
[0063] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the SM-DP decodes, according to a locally stored decryption
key, encoded data carried in the download request is the same as metadata that is
of the profile of the operator and is stored in the SM-DP, the SM-DP determines that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid.
[0064] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the SM-DP specifically obtains the profile of the operator according to the identity
that is of the profile of the operator and is carried in the download request.
[0065] Certainly, in specific implementation, the SM-DP may further acquire index information
according to the identity that is of the profile of the operator and is locally stored
in the SM-DP, locally search the SM-DP for the identity of the profile of the operator,
and acquire the profile of the operator according to the found identity of the profile
of the operator.
[0066] Optionally, when the download request includes information such as the identity of
the terminal or the classification identity of the terminal, only after verifying
that the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, the SM-DP can acquire,
according to the identity of the profile of the operator, the profile of the operator
that is stored in the SM-DP and is corresponding to the download request.
[0067] In this embodiment, a manner embodiment of downloading a profile of an operator in
the embodiments of the present invention is described from an eUICC side by using
examples. When a request for downloading a profile of an operator is initiated by
an eUICC, a terminal provides a function of transparently transmitting the request
that is for downloading the profile of the operator and is generated by the eUICC.
[0068] It can be learned from above that, in some feasible implementation manners of the
present invention, a request for downloading a profile of an operator is initiated
by an eUICC of a terminal in this embodiment of the present invention, which avoids
a case in which the operator needs to know, in advance, identity information of the
eUICC of the terminal that needs to download the profile of the operator. In addition,
in this embodiment of the present invention, an SM-DP verifies whether a download
certificate in the download request is valid to determine whether the initiated download
request is valid, without verifying whether an object of the download request is valid
any longer; moreover, the download certificate may be obtained by the terminal before
the terminal initiates the download request. Therefore, the terminal can acquire the
certificate for downloading the profile of the operator, provided that the terminal
needs to download the profile of the operator into the eUICC of the terminal. That
is, in this embodiment of the present invention, a range of objects that can download
the profile of the operator may be extended to all eUICCs. In addition, in this embodiment
of the present invention, because the request for downloading the profile of the operator
is initiated by the terminal, an end user certainly can freely select an opportunity
for downloading the profile of the operator.
[0069] FIG. 3 is a schematic flowchart of a method for downloading a profile of an operator
according to a third embodiment of the present invention. As shown in FIG. 3, the
method may include the following steps:
Step S310: A subscription manager-data preparing SM-DP receives, from a terminal or
an embedded universal integrated circuit card eUICC of the terminal, a request that
is for downloading a profile of an operator and is forwarded by a subscription manager-secure
routing SM-SR, where the download request carries an ID of the eUICC and a certificate
for downloading the profile of the operator.
[0070] In specific implementation, in this embodiment of the present invention, the terminal
or the eUICC of the terminal may serve as an initiator of the download request, that
is, the request for downloading the profile of the operator may be from the terminal
or the eUICC.
[0071] When the terminal serves as the initiator of the download request, the terminal reads,
from the eUICC, the ID of the eUICC and addressing information of the SM-SR, where
the addressing information is used to find the SM-SR, the addressing information may
include an identity or address of the SM-SR, and the identity may uniquely identify
the SM-SR. Then, the terminal generates the request for downloading the profile of
the operator, and sends the download request. In this case, in this embodiment of
the present invention, when the download request is sent, the download request may
not pass through the eUICC into which the profile of the operator really needs to
be downloaded.
[0072] When the eUICC of the terminal serves as the initiator of the download request, the
eUICC sends the generated download request to the terminal, and sends the generated
download request to the SM-SR by using the terminal. In this case, the terminal provides
a function of transparently transmitting the request that is for downloading the profile
of the operator and is generated by the eUICC.
[0073] In specific implementation, before step S310, the operator (for example, an MNO)
may entrust the subscription manager-data preparing SM-DP to generate the profile
of the operator (which is generally referred to as a profile of the operator for short).
The profile may include subscription data that is of the operator and is needed for
accessing a network of the operator, such as an international mobile subscriber identity
(International Mobile Subscriber Identification Number, IMSI), a Ki (16-byte key data
generated by a card manufacturer), and an encryption algorithm. The profile may further
include installation or revision packages of various applications, for example, may
include an installation package of Fetion and an update package of QQ. Optionally,
similar to the prior art, the operator may further limit, by using the SM-DP, a terminal
that can download the profile of the operator. For example, the operator may store,
in the SM-DP, an identity of the terminal that can download the profile of the operator
or a classification identity of the terminal.
[0074] In specific implementation, the addressing information of the SM-DP may include information
such as an identity or address of the SM-DP, where the identity uniquely identifies
the SM-DP.
[0075] In specific implementation, before step S310, the operator (for example, an MNO)
may further generate or entrust the SM-DP to generate information such as the certificate
for downloading the profile of the operator and an identity of the profile of the
operator. In specific implementation, the identity of the profile of the operator
may be an ICCID or any other identity that can uniquely identify the profile of the
operator. Optionally, the download request received in step S310 in this embodiment
of the present invention may further include information such as the identity of the
profile of the operator, an identity of the terminal, or a classification identity
of the terminal. Step S311: After verifying that the certificate that is for downloading
the profile of the operator and is carried in the download request is valid, the SM-DP
acquires, according to an identity of the profile of the operator, the profile of
the operator that is stored in the SM-DP and is corresponding to the download request.
[0076] In specific implementation, because download certificates are different, in step
S311, manners in which the SM-DP verifies that the certificate that is for downloading
the profile of the operator and is carried in the download request is valid are also
different.
[0077] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the SM-DP determines that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid.
[0078] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the SM-DP decodes, according to a locally stored decryption
key, encoded data carried in the download request is the same as metadata that is
of the profile of the operator and is stored in the SM-DP, the SM-DP determines that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid.
[0079] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the SM-DP specifically obtains the profile of the operator according to the identity
that is of the profile of the operator and is carried in the download request.
[0080] Certainly, in specific implementation, the SM-DP may further acquire index information
according to the identity that is of the profile of the operator and is locally stored
in the SM-DP, locally search the SM-DP for the identity of the profile of the operator,
and acquire the profile of the operator according to the found identity of the profile
of the operator.
[0081] Optionally, when the download request includes information such as the identity of
the terminal or the classification identity of the terminal, only after verifying
that the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, the SM-DP can acquire,
according to the identity of the profile of the operator, the profile of the operator
that is stored in the SM-DP and is corresponding to the download request.
[0082] Step S312: The SM-DP sends, by using the SM-SR, the profile that is of the operator
and is corresponding to the download request to the eUICC.
[0083] It can be learned from above that, in some feasible implementation manners of the
present invention, a subscription manager-data preparing SM-DP receives, from a terminal
or an embedded universal integrated circuit card eUICC of the terminal, a request
that is for downloading a profile of an operator and is forwarded by a subscription
manager-secure routing SM-SR, where the download request carries an ID of the eUICC
and a certificate for downloading the profile of the operator; after verifying that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, the SM-DP acquires, according to an identity of
the profile of the operator, the profile of the operator that is stored in the SM-DP
and is corresponding to the download request; and the SM-DP sends, by using the SM-SR,
the profile that is of the operator and is corresponding to the download request to
the eUICC. In this embodiment of the present invention, a request for downloading
a profile of an operator is initiated by a terminal side (a terminal or an eUICC of
a terminal), thereby avoiding a case in which the operator needs to know, in advance,
identity information of the eUICC of the terminal that needs to download the profile
of the operator. In addition, in this embodiment of the present invention, an SM-DP
verifies whether a download certificate in the download request is valid to determine
whether the initiated download request is valid, without verifying whether an object
of the download request is valid any longer; moreover, the download certificate may
be obtained by the terminal before the terminal initiates the download request. Therefore,
the terminal can acquire the certificate for downloading the profile of the operator,
provided that the terminal needs to download the profile of the operator into the
eUICC of the terminal. That is, in this embodiment of the present invention, a range
of objects that can download the profile of the operator may be extended to all eUICCs.
In addition, in this embodiment of the present invention, because the request for
downloading the profile of the operator is initiated by the terminal, an end user
certainly can freely select an opportunity for downloading the profile of the operator.
[0084] Embodiments of a method for downloading a profile of an operator in the embodiments
of the present invention are separately described above from a terminal side, an eUICC
side of a terminal, and an SM-DP side by using examples, and embodiments of devices
that execute the foregoing method are further described in the following by using
examples.
[0085] FIG. 4 is a schematic structural diagram of a terminal according to a fourth embodiment
of the present invention. As shown in FIG. 4, the terminal in this embodiment of the
present invention include at least an embedded universal integrated circuit card eUICC
41, an acquiring module 42, a sending module 43, and a transmission module 44, where:
the eUICC 41 is configured to store a profile that is of an operator and is used by
the terminal to access the operator;
the acquiring module 42 is configured to acquire a download certificate used to download
the profile of the operator and addressing information of a subscription manager-data
preparing SM-DP that stores the profile of the operator, where the address information
is used to find the SM-DP;
the sending module 43 is connected to the acquiring module 42 or the eUICC 41 and
is configured to send, to the SM-DP by using a subscription manager-secure routing
SM-SR, a request for downloading the profile of the operator, where the download request
carries the certificate for downloading the profile of the operator, an ID of the
eUICC 41, and the addressing information of the SM-DP; and
the transmission module 44 is connected to the eUICC 41 and is configured to: receive
the profile of the operator that is sent by the SM-DP by using the SM-SR and is corresponding
to the download request, and transmit the profile of the operator to the eUICC 41,
where the profile of the operator is obtained by the SM-DP according to an identity
of the profile of the operator after the SM-DP verifies that the certificate that
is for downloading the profile of the operator and is carried in the download request
is valid.
[0086] In specific implementation, in some other embodiments, the terminal may not include
the acquiring module 42. In this case, the sending module 43 may obtain, in another
way, the certificate for downloading the profile of the operator and the addressing
information of the SM-DP, where the download certificate and the addressing information
are in the download request.
[0087] In specific implementation, the operator (for example, an MNO) may entrust the subscription
manager-data preparing SM-DP to generate the profile of the operator (which is generally
referred to as a profile of the operator for short). The profile may include subscription
data that is of the operator and is needed for accessing a network of the operator,
such as an international mobile subscriber identity (International Mobile Subscriber
Identification Number, IMSI), a Ki (16-byte key data generated by a card manufacturer),
and an encryption algorithm. The profile may further include installation or revision
packages of various applications, for example, may include an installation package
of Fetion and an update package of QQ. Optionally, similar to the prior art, the operator
may further limit, by using the SM-DP, a terminal that can download the profile of
the operator. For example, the operator may store, in the SM-DP, an identity of the
terminal that can download the profile of the operator or a classification identity
of the terminal.
[0088] In specific implementation, the addressing information of the SM-DP may include information
such as an identity or address of the SM-DP, where the identity uniquely identifies
the SM-DP. The operator (for example, an MNO) may further generate or entrust the
SM-DP to generate information such as the certificate for downloading the profile
of the operator and the identity of the profile of the operator. In specific implementation,
the identity of the profile of the operator may be an ICCID or any other identity
that can uniquely identify the profile of the operator. In this case, the acquiring
module 42 may further acquire information such as the identity of the profile of the
operator.
[0089] In specific implementation, the acquiring module 42 may acquire, in multiple ways,
information such as the download certificate used to download the profile of the operator,
the addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator. In this
case, as shown in FIG. 5, the acquiring module 42 in this embodiment of the present
invention includes but is not limited to at least one of the following sub-modules:
a first acquiring module 421, a second acquiring module 422, or a third acquiring
module 423.
[0090] The first acquiring module 421 is configured to: log in to a network platform of
the operator by using built-in application software of the terminal; and acquire,
from the network platform, the information such as the download certificate used to
download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator.
[0091] Alternatively, the second acquiring module 422 is configured to receive the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator, where
the information is manually entered by a user.
[0092] In the manner, the user may acquire, in multiple ways, the information such as the
download certificate used to download the profile of the operator, the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator, and the identity of the profile of the operator. For example, the
user may purchase a dedicated information card, and acquire, by dialing a particular
phone number on the information card or entering a particular verification code on
the information card, the information such as the download certificate used to download
the profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, and the identity of the profile
of the operator; or the user may directly read, from a purchased information card,
the information such as the download certificate used to download the profile of the
operator, the addressing information of the subscription manager-data preparing SM-DP
that stores the profile of the operator, and the identity of the profile of the operator.
For another example, the user may further directly go to a retail store or a business
hall of the operator, and acquire, from a customer service representative of the operator,
the information such as the download certificate used to download the profile of the
operator, the addressing information of the subscription manager-data preparing SM-DP
that stores the profile of the operator, and the identity of the profile of the operator.
For another example, the end user may further log in to a network platform of the
operator by using built-in application software of a device except the terminal, and
acquire, from the network platform, the information such as the download certificate
used to download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator.
[0093] Alternatively, the third acquiring module 423 is configured to acquire, by scanning
a two-dimensional code, the information such as the download certificate used to download
the profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, and the identity of the profile
of the operator.
[0094] In specific implementation, in this embodiment of the present invention, the certificate
for downloading the profile of the operator is uniquely corresponding to the profile
of the operator, and is used as a unique certificate for downloading the profile of
the operator. In specific implementation, the download certificate may be in various
forms, which include but are not limited to:
The certificate for downloading the profile of the operator is a randomly generated
sequence code.
[0095] Alternatively, the certificate for downloading the profile of the operator is a string
of encoded data generated by encrypting metadata of the profile of the operator. A
manner of the encryption may be one of various existing encryption manners, and a
form of the encoded data may be an ordinary binary code, or may be a two-dimensional
code or the like. The metadata may be extracted from the profile of the operator.
For example, the metadata may be an ICCID.
[0096] In specific implementation, optionally, the download request sent by the sending
module 43 may further include the identity of the profile of the operator.
[0097] Optionally, the download request sent by the sending module 43 may further include
information such as an identity of the terminal or a classification identity of the
terminal.
[0098] Optionally, the addressing information of the SM-DP may be further carried in the
download certificate of the download request sent by the sending module 43, for example,
carried in the randomly generated sequence code, or carried in the string of encoded
data generated by encrypting the metadata. In this case, the SM-SR may be notified,
in advance, of a method for acquiring the addressing information of the SM-DP from
the download certificate; for example, the SM-SR may be notified of a location that
is of the SM-DP and is in the download certificate or a decryption method.
[0099] In specific implementation, the sending module 43 specifically sends, to an SM-SR
with which the eUICC registers, the request for downloading the profile of the operator,
where the download request carries the certificate for downloading the profile of
the operator, the ID of the embedded universal integrated circuit card eUICC of the
terminal, and the addressing information of the SM-DP, so that after finding the SM-DP
according to the addressing information of the SM-DP, the SM-SR forwards, to the SM-DP,
the download request that includes the certificate for downloading the profile of
the operator and the ID of the eUICC. Optionally, the forwarded request may also include
information such as the identity of the profile of the operator and the identity of
the terminal or the classification identity of the terminal.
[0100] In specific implementation, before the sending module 43 sends, to the SM-SR with
which the eUICC registers, the request for downloading the profile of the operator,
the eUICC of the terminal and the SM-SR need to perform bidirectional authentication.
Similarly, before the SM-SR forwards the download request to the SM-DP, the SM-SR
and the SM-DP also need to perform bidirectional authentication, and the SM-SR may
verify whether a profile conflicting with the profile of the operator that is currently
requested to download has already been downloaded into the eUICC (for example, a mobile
on-net user of a mobile operator can access only a mobile network, and cannot access
a telecommunications network; in this case, if an eUICC of a mobile terminal requests
to download a profile of a telecommunications operator, even though the eUICC acquires
information such as an SM-DP and a certificate for downloading the profile of the
telecommunications operator, the eUICC cannot download the profile of the operator
due to a profile restriction policy of the operator); if there is a conflicting file,
the SM-SR may stop a procedure such as forwarding the request that is for downloading
the profile of the operator and is sent by the terminal. All mentioned above are similar
to those in the prior art, and details are not described herein again.
[0101] In specific implementation, the download request sent by the sending module 43 may
be generated by the terminal, or may be generated by the eUICC of the terminal.
[0102] When the download request sent by the terminal is generated by the terminal, as shown
in FIG. 6, the terminal in this embodiment of the present invention may further include
a reading module 45 and a generating module 46.
[0103] The reading module 45 is connected to the eUICC 41 and is configured to: read, from
the eUICC, the ID of the eUICC and addressing information of an SM-SR with which the
eUICC registers; and find the SM-SR according to the addressing information, where
the ID of the eUICC 41 is used to notify the SM-DP of an eUICC into which the profile
of the operator needs to be downloaded, and an ID or address of the SM-SR is used
to enable the sending module 43 to find the SM-SR that is used to forward the request
for downloading the profile of the operator, so as to forward, to the SM-DP by using
the SM-SR, the request for downloading the profile of the operator. Similarly, the
addressing information of the SM-SR may include the identity or address of the SM-SR.
[0104] In specific implementation, the reading module 45 may read, by using an application
protocol data unit (Application Protocol Data Unit, APDU) message, for example, read
by using a READ RECORD command, the request that is for downloading the profile of
the operator and is generated by the eUICC 41.
[0105] The generating module 46 is configured to generate the request for downloading the
profile of the operator, where the download request carries the certificate for downloading
the profile of the operator, the ID of the eUICC 41 of the terminal, and the addressing
information of the SM-DP. Optionally, the download request generated by the generating
module 46 may further include the information such as the identity of the profile
of the operator and the identity of the terminal or the classification identity of
the terminal.
[0106] In this case, in this embodiment of the present invention, the request for downloading
the profile of the operator is actually generated by the terminal, the terminal serves
as an initiator of the request for downloading the profile of the operator, and the
download request does not pass through the eUICC 41 into which the profile of the
operator really needs to be downloaded.
[0107] When the download request sent by the terminal is generated by the eUICC 41 of the
terminal, the transmission module 44 in this embodiment of the present invention is
further configured to send, to the eUICC, the acquired download certificate used to
download the profile of the operator and the acquired addressing information of the
subscription manager-data preparing SM-DP that stores the profile of the operator.
Optionally, the transmission module 40 may further send, to the eUICC, the identity
of the profile of the operator and the identity of the terminal or the classification
identity of the terminal.
[0108] In specific implementation, similarly, the transmission module 44 may send, to the
eUICC by using an APDU message, the acquired download certificate used to download
the profile of the operator and the acquired addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator.
[0109] For example, in this embodiment of the present invention, an INSTALL command defined
in an existing global platform card specification (Global Platform Card Specification,
GPCS) may be extended, and a DATA field of the INSTALL command carries the download
certificate used to download the profile of the operator, the addressing information
of the subscription manager-data preparing SM-DP that stores the profile of the operator,
the identity of the profile of the operator, the identity of the terminal or the classification
identity of the terminal, and the like.
[0110] Optionally, in specific implementation, when or after sending, to the eUICC, the
acquired download certificate used to download the profile of the operator and the
acquired addressing information of the subscription manager-data preparing SM-DP that
stores the profile of the operator, the transmission module 44 may further send, to
the eUICC, a command of requesting or instructing the eUICC to generate and send the
request for downloading the profile of the operator. For example, the terminal may
add a dedicated character or code to the INSTALL command and use the dedicated character
or code as a message of requesting the eUICC to generate and send the request for
downloading the profile of the operator. For example, a new code is set for the INSTALL
command, and the new code is carried in a PI field of the INSTALL to indicate that
the INSTALL command is the command of requesting or instructing the eUICC to generate
and send the request for downloading the profile of the operator. In addition, the
transmission module 44 is further configured to receive, from the eUICC 41, the request
that is for downloading the profile of the operator and is generated by the eUICC
41.
[0111] In specific implementation, similarly, the transmission module 44 may receive, from
the eUICC by using an APDU message, the request that is for downloading the profile
of the operator and is generated by the eUICC.
[0112] For example, in this embodiment of the present invention, an INSTALL command defined
in an existing global platform card specification (Global Platform Card Specification,
GPCS) may be extended, and a DATA field of the INSTALL command carries the download
certificate used to download the profile of the operator, the addressing information
of the subscription manager-data preparing SM-DP that stores the profile of the operator,
the identity of the profile of the operator, the identity of the terminal or the classification
identity of the terminal, and the like, where the download certificate, the addressing
information, the identity of the profile of the operator, the identity of the terminal
or the classification identity of the terminal, and the like are in the download request.
[0113] In this case, in this embodiment of the present invention, the request for downloading
the profile of the operator is actually generated by the eUICC, the eUICC serves as
an initiator of the request for downloading the profile of the operator, and the terminal
provides a function of transparently transmitting the request that is for downloading
the profile of the operator and is generated by the eUICC.
[0114] In specific implementation, because download certificates are different, before the
transmission module 44 receives the profile of the operator that is sent by the SM-DP
by using the SM-SR and that is corresponding to the download request, manners in which
the SM-DP verifies that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid are also different.
[0115] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the SM-DP determines that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid.
[0116] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the SM-DP decodes, according to a locally stored decryption
key, encoded data carried in the download request is the same as metadata that is
of the profile of the operator and is stored in the SM-DP, the SM-DP determines that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid.
[0117] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the SM-DP specifically obtains the profile of the operator according to the identity
that is of the profile of the operator and is carried in the download request.
[0118] Certainly, in specific implementation, the SM-DP may further acquire index information
according to the identity that is of the profile of the operator and is locally stored
in the SM-DP, locally search the SM-DP for the identity of the profile of the operator,
and acquire the profile of the operator according to the found identity of the profile
of the operator.
[0119] Optionally, when the download request includes the information such as the identity
of the terminal or the classification identity of the terminal, only after verifying
that the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, the SM-DP can acquire,
according to the identity of the profile of the operator, the profile of the operator
that is stored in the SM-DP and is corresponding to the download request.
[0120] It can be learned from above that, in some feasible implementation manners of the
present invention, a request for downloading a profile of an operator is initiated
by a terminal in this embodiment of the present invention, which avoids a case in
which the operator needs to know, in advance, identity information of an eUICC of
the terminal that needs to download the profile of the operator. In addition, in this
embodiment of the present invention, an SM-DP verifies whether a download certificate
in the download request is valid to determine whether the initiated download request
is valid, without verifying whether an object of the download request is valid any
longer; moreover, the download certificate may be obtained by the terminal before
the terminal initiates the download request. Therefore, the terminal can acquire the
certificate for downloading the profile of the operator, provided that the terminal
needs to download the profile of the operator into the eUICC of the terminal. That
is, in this embodiment of the present invention, a range of objects that can download
the profile of the operator may be extended to all eUICCs. In addition, in this embodiment
of the present invention, because the request for downloading the profile of the operator
is initiated by the terminal, an end user certainly can freely select an opportunity
for downloading the profile of the operator.
[0121] FIG. 7 is a schematic structural diagram of an embedded universal integrated circuit
card eUICC according to a sixth embodiment of the present invention. As shown in FIG.
7, the eUICC may include: an acquiring module 71, a generating module 72, a sending
module 73, and a transmission module 74, where:
the acquiring module 71 is configured to acquire a download certificate used to download
a profile of an operator and addressing information of a subscription manager-data
preparing SM-DP that stores the profile of the operator;
the generating module 72 is configured to generate a request for downloading the profile
of the operator, where the download request carries the certificate for downloading
the profile of the operator, an ID of the eUICC, and the addressing information of
the SM-DP;
the sending module 73 is configured to send the generated download request to the
SM-DP by using a subscription manager-secure routing SM-SR; and
the transmission module 74 is configured to receive the profile of the operator that
is sent by the SM-DP by using the subscription manager-secure routing SM-SR and is
corresponding to the download request, where the profile of the operator is obtained
by the SM-DP according to an identity of the profile of the operator after the SM-DP
verifies that the certificate that is for downloading the profile of the operator
and is carried in the download request is valid.
[0122] In specific implementation, in some other embodiments, the eUICC may not include
the acquiring module 71 and the generating module 72. In this case, the sending module
73 may obtain, in another way, information such as the certificate for downloading
the profile of the operator and the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, where the information is
in the download request.
[0123] In specific implementation, the operator (for example, an MNO) may entrust the subscription
manager-data preparing SM-DP to generate the profile of the operator (which is generally
referred to as a profile of the operator for short). The profile may include subscription
data that is of the operator and is needed for accessing a network of the operator,
such as an international mobile subscriber identity (International Mobile Subscriber
Identification Number, IMSI), a Ki (16-byte key data generated by a card manufacturer),
and an encryption algorithm. The profile may further include installation or revision
packages of various applications, for example, may include an installation package
of Fetion and an update package of QQ. Optionally, similar to the prior art, the operator
may further limit, by using the SM-DP, a terminal that can download the profile of
the operator. For example, the operator may store, in the SM-DP, an identity of the
terminal that can download the profile of the operator or a classification identity
of the terminal.
[0124] In specific implementation, the addressing information of the SM-DP may include information
such as an identity or address of the SM-DP, where the identity uniquely identifies
the SM-DP.
[0125] In specific implementation, the acquiring module 71 may acquire, in multiple ways,
information such as the download certificate used to download the profile of the operator,
the addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator. As shown
in FIG. 8, the acquiring module 71 in this embodiment of the present invention includes
but is not limited to at least one of the following sub-modules: a first acquiring
module 711, a second acquiring module 712, or a third acquiring module 713.
[0126] The first acquiring module 711 is configured to receive, from a terminal, the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator.
[0127] In specific implementation, the first acquiring module 711 may receive, from the
terminal by using an existing APDU message or an added APDU message, the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator. For
example, in this embodiment of the present invention, an INSTALL command defined in
an existing global platform card specification (Global Platform Card Specification,
GPCS) may be extended, and a DATA field of the INSTALL command carries the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator.
[0128] Alternatively, the second acquiring module 712 is configured to receive the information
such as the download certificate used to download the profile of the operator, the
addressing information of the subscription manager-data preparing SM-DP that stores
the profile of the operator, and the identity of the profile of the operator, where
the information is entered by a user by using an interface of software (for example,
SIM application toolkit (SIM application toolkit, SAT) software) that is in the eUICC
and is for downloading a profile of an operator. In the manner, the user may acquire,
in multiple ways, the information such as the download certificate used to download
the profile of the operator, the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, and the identity of the profile
of the operator. For example, the user may purchase a dedicated information card,
and acquire, by dialing a particular phone number on the information card or entering
a particular verification code on the information card, the information such as the
download certificate used to download the profile of the operator, the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator, and the identity of the profile of the operator; or the user may
directly read, from a purchased information card, the information such as the download
certificate used to download the profile of the operator, the addressing information
of the subscription manager-data preparing SM-DP that stores the profile of the operator,
and the identity of the profile of the operator. For another example, the user may
further directly go to a retail store or a business hall of the operator, and acquire,
from a customer service representative of the operator, the information such as the
download certificate used to download the profile of the operator, the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator, and the identity of the profile of the operator. For another example,
the end user may further log in to a network platform of the operator by using built-in
application software of a device except the terminal, and acquire, from the network
platform, the information such as the download certificate used to download the profile
of the operator, the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator, and the identity of the profile of
the operator.
[0129] Alternatively, the third acquiring module 713 is configured to: log in to a network
platform of the operator by using built-in application software of the eUICC; and
acquire, from the network platform, the information such as the download certificate
used to download the profile of the operator, the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, and the identity
of the profile of the operator.
[0130] In specific implementation, in this embodiment of the present invention, the certificate
for downloading the profile of the operator is uniquely corresponding to the profile
of the operator, and is used as a unique certificate for downloading the profile of
the operator. In specific implementation, the download certificate may be in various
forms, which include but are not limited to:
The certificate for downloading the profile of the operator is a randomly generated
sequence code.
[0131] Alternatively, the certificate for downloading the profile of the operator is a string
of encoded data generated by encrypting metadata of the profile of the operator. A
manner of the encryption may be one of various existing encryption manners, and a
form of the encoded data may be an ordinary binary code, or may be a two-dimensional
code or the like. The metadata may be extracted from the profile of the operator.
For example, the metadata may be an ICCID. Optionally, the download request generated
by the generating module 72 may further include information such as the identity of
profile of the operator, a terminal identity of the terminal, or a classification
identity of the terminal.
[0132] Optionally, the addressing information of the SM-DP may be further carried in the
download certificate of the download request generated by the generating module 72,
for example, carried in the randomly generated sequence code, or carried in the string
of encoded data generated by encrypting the metadata.
[0133] In this case, the SM-SR may be notified, in advance, of a method for acquiring the
addressing information of the SM-DP from the download certificate; for example, the
SM-SR may be notified of a location that is of the SM-DP and is in the download certificate
or a decryption method.
[0134] In specific implementation, the transmission module 74 may further receive, from
the terminal, a command of requesting or instructing the eUICC to generate the request
for downloading the profile of the operator. The eUICC may further receive a command
of requesting or instructing the eUICC to generate the request for downloading the
profile of the operator, where the command is entered by the user or sent by another
device. In specific implementation, similarly, the message may be sent by using an
APDU message; for example, an INSTALL command defined in a GPCS may be extended, a
dedicated character or code is added to the INSTALL command and the dedicated character
or code is used as the command of requesting the eUICC to generate and send the request
for downloading the profile of the operator. For example, a new code is set for the
INSTALL command, and the new code is carried in a PI field of the INSTALL to indicate
that the INSTALL command is the command of requesting or instructing the eUICC to
generate and send the request for downloading the profile of the operator.
[0135] In specific implementation, the sending module 73 sends, to an SM-SR with which the
eUICC registers, the request for downloading the profile of the operator, where the
download request carries the certificate for downloading the profile of the operator,
the ID of the embedded universal integrated circuit card eUICC of the terminal, and
the addressing information of the SM-DP, so that after finding the SM-DP according
to the addressing information of the SM-DP, the SM-SR forwards, to the SM-DP, the
download request that includes the certificate for downloading the profile of the
operator and the ID of the eUICC. Optionally, the forwarded request may also include
the information such as the identity of the profile of the operator and the identity
of the terminal or the classification identity of the terminal. In specific implementation,
information between the eUICC and the SM-SR may be transparently transmitted by using
the terminal.
[0136] In specific implementation, before the sending module 73 sends, to the SM-SR with
which the eUICC registers, the request for downloading the profile of the operator,
the eUICC and the SM-SR need to perform bidirectional authentication. Similarly, before
the SM-SR forwards the download request to the SM-DP, the SM-SR and the SM-DP also
need to perform bidirectional authentication, and the SM-SR may verify whether a profile
conflicting with the profile of the operator that is currently requested to download
has already been downloaded into the eUICC (for example, a mobile on-net user of a
mobile operator can access only a mobile network, and cannot access a telecommunications
network; in this case, if an eUICC of a mobile terminal requests to download a profile
of a telecommunications operator, even though the eUICC acquires information such
as an SM-DP and a certificate for downloading the profile of the telecommunications
operator, the eUICC cannot download the profile of the operator due to a profile restriction
policy of the operator); if there is a conflicting file, the SM-SR may stop a procedure
such as forwarding the request that is for downloading the profile of the operator
and is sent by the eUICC. All mentioned above are similar to those in the prior art,
and details are not described herein again. In specific implementation, because download
certificates are different, before the acquiring module 71 receives, from the terminal,
the profile of the operator that is sent by the SM-DP by using the subscription manager-data
preparing SM-SR and that is corresponding to the download request, manners in which
the SM-DP verifies that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid are also different.
[0137] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the SM-DP determines that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid.
[0138] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the SM-DP decodes, according to a locally stored decryption
key, encoded data carried in the download request is the same as metadata that is
of the profile of the operator and is stored in the SM-DP, the SM-DP determines that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid.
[0139] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the SM-DP specifically obtains the profile of the operator according to the identity
that is of the profile of the operator and is carried in the download request.
[0140] Certainly, in specific implementation, the SM-DP may further acquire index information
according to the identity that is of the profile of the operator and is locally stored
in the SM-DP, locally search the SM-DP for the identity of the profile of the operator,
and acquire the profile of the operator according to the found identity of the profile
of the operator.
[0141] Optionally, when the download request includes information such as the identity of
the terminal or the classification identity of the terminal, only after verifying
that the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, the SM-DP can acquire,
according to the identity of the profile of the operator, the profile of the operator
that is stored in the SM-DP and is corresponding to the download request. In this
embodiment, a manner embodiment of downloading a profile of an operator in the embodiments
of the present invention is described from an eUICC side by using examples. When a
request for downloading a profile of an operator is initiated by an eUICC, a terminal
provides a function of transparently transmitting the request that is for downloading
the profile of the operator and is generated by the eUICC.
[0142] It can be learned from above that, in some feasible implementation manners of the
present invention, a request for downloading a profile of an operator is initiated
by an eUICC of a terminal in this embodiment of the present invention, which avoids
a case in which the operator needs to know, in advance, identity information of the
eUICC of the terminal that needs to download the profile of the operator. In addition,
in this embodiment of the present invention, an SM-DP verifies whether a download
certificate in the download request is valid to determine whether the initiated download
request is valid, without verifying whether an object of the download request is valid
any longer; moreover, the download certificate may be obtained by the terminal before
the terminal initiates the download request. Therefore, the terminal can acquire the
certificate for downloading the profile of the operator, provided that the terminal
needs to download the profile of the operator into the eUICC of the terminal. That
is, in this embodiment of the present invention, a range of objects that can download
the profile of the operator may be extended to all eUICCs. In addition, in this embodiment
of the present invention, because the request for downloading the profile of the operator
is initiated by the terminal, an end user certainly can freely select an opportunity
for downloading the profile of the operator.
[0143] FIG. 9 is a schematic structural diagram of a subscription manager-data preparing
SM-DP according to a seventh embodiment of the present invention. As shown in FIG.
9, the SM-DP may include at least a receiving module 91, a profile management module
92, and a sending module 93, where:
the receiving module 91 is configured to receive, from a terminal or an embedded universal
integrated circuit card eUICC of the terminal, a request that is for downloading a
profile of an operator and is forwarded by a subscription manager-secure routing SM-SR,
where the download request carries an ID of the eUICC and a certificate for downloading
the profile of the operator;
the profile management module 92 is connected to the receiving module 91 and is configured
to: after verifying that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid, acquire, according to an
identity of the profile of the operator, the profile of the operator that is stored
in the SM-DP and is corresponding to the download request; and
the sending module 93 is configured to send, by using the SM-SR, the profile that
is of the operator and is corresponding to the download request to the eUICC.
[0144] In specific implementation, in this embodiment of the present invention, the terminal
or the eUICC of the terminal may serve as an initiator of the download request, that
is, the request for downloading the profile of the operator may be from the terminal
or the eUICC.
[0145] When the terminal serves as the initiator of the download request, the terminal reads,
from the eUICC, the ID of the eUICC and addressing information of the SM-SR, where
the addressing information is used to find the SM-SR, the addressing information may
include an identity or address of the SM-SR, and the identity may uniquely identify
the SM-SR. Then, the terminal generates the request for downloading the profile of
the operator, and sends the download request. In this case, in this embodiment of
the present invention, when the download request is sent, the download request may
not pass through the eUICC into which the profile of the operator really needs to
be downloaded.
[0146] When the eUICC of the terminal serves as the initiator of the download request, the
eUICC sends the generated download request to the terminal, and sends the generated
download request to the SM-SR by using the terminal. In this case, the terminal provides
a function of transparently transmitting the request that is for downloading the profile
of the operator and is generated by the eUICC.
[0147] In specific implementation,
the operator (for example, an MNO) may entrust the subscription manager-data preparing
SM-DP to generate the profile of the operator (which is generally referred to as a
profile of the operator for short). The profile may include subscription data that
is of the operator and is needed for accessing a network of the operator, such as
an international mobile subscriber identity (International Mobile Subscriber Identification
Number, IMSI), a Ki (16-byte key data generated by a card manufacturer), and an encryption
algorithm. The profile may further include installation or revision packages of various
applications, for example, may include an installation package of Fetion and an update
package of QQ. Optionally, similar to the prior art, the operator may further limit,
by using the SM-DP, a terminal that can download the profile of the operator. For
example, the operator may store, in the SM-DP, an identity of the terminal that can
download the profile of the operator or a classification identity of the terminal.
[0148] In specific implementation, the addressing information of the SM-DP may include information
such as an identity or address of the SM-DP, where the identity uniquely identifies
the SM-DP.
[0149] In specific implementation, the operator (for example, an MNO) may further generate
or entrust the SM-DP to generate information such as the certificate for downloading
the profile of the operator and the identity of the profile of the operator. In specific
implementation, the identity of the profile of the operator may be an ICCID or any
other identity that can uniquely identify the profile of the operator. When the operator
generates the information such as the certificate for downloading the profile of the
operator and the identity of the profile of the operator, the receiving module 81
may be further configured to store the information such as the certificate for downloading
the profile of the operator and the identity of the profile of the operator, where
the information is generated by the operator.
[0150] When the operator entrusts the SM-DP to generate the profile of the operator and
to generate the information such as the certificate for downloading the profile of
the operator and the identity of the profile of the operator, the SM-DP may further
include: a generating module (not shown in the figure), configured to generate and
store, according to a request of the operator, the profile of the operator and the
information such as the certificate for downloading the profile of the operator and
the identity of the profile of the operator.
[0151] Optionally, in this embodiment of the present invention, the download request received
by the receiving module 91 may further include the identity of the profile of the
operator.
[0152] Optionally, in this embodiment of the present invention, the download request received
by the receiving module 91 may include an identity of the terminal or a classification
identity of the terminal.
[0153] In specific implementation, because download certificates are different, manners
in which the profile management module 82 verifies that the certificate that is for
downloading the profile of the operator and is carried in the download request is
valid are also different.
[0154] For example, when the certificate for downloading the profile of the operator is
a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the profile management module 92 determines that the certificate that is for downloading
the profile of the operator and is carried in the download request is valid.
[0155] Alternatively, when the certificate for downloading the profile of the operator is
a string of encoded data generated by encrypting metadata of the operator, and
when metadata obtained after the profile management module 92 decodes, according to
a locally stored decryption key, encoded data carried in the download request is the
same as metadata that is of the profile of the operator and is stored in the SM-DP,
the profile management module 92 determines that the certificate that is for downloading
the profile of the operator and is carried in the download request is valid.
[0156] In specific implementation, when the download request further carries the identity
of the profile of the operator, and the identity of the profile of the operator is
a part of the download certificate or is independent of the download certificate,
the profile management module 92 specifically obtains the profile of the operator
according to the identity that is of the profile of the operator and is carried in
the download request. In specific implementation, when the download request further
includes the identity of the terminal or the classification identity of the terminal,
only after verifying that the certificate that is for downloading the profile of the
operator and is carried in the download request is valid, and verifying that the identity
of the terminal is an identity of an authorized terminal or that the classification
identity of the terminal is a classification identity of an authorized terminal, the
profile management module 92 can acquire, according to the identity of the profile
of the operator, the profile of the operator that is stored in the SM-DP and is corresponding
to the download request.
[0157] It can be learned from above that, in some feasible implementation manners of the
present invention, a subscription manager-data preparing SM-DP receives, from a terminal
or an embedded universal integrated circuit card eUICC of the terminal, a request
that is for downloading a profile of an operator and is forwarded by a subscription
manager-secure routing SM-SR, where the download request carries an ID of the eUICC
and a certificate for downloading the profile of the operator; after verifying that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, the SM-DP acquires, according to an identity of
the profile of the operator, the profile of the operator that is stored in the SM-DP
and is corresponding to the download request; and the SM-DP sends, by using the SM-SR,
the profile that is of the operator and is corresponding to the download request to
the eUICC. In this embodiment of the present invention, a request for downloading
a profile of an operator is initiated by a terminal side (a terminal or an eUICC of
a terminal), thereby avoiding a case in which the operator needs to know, in advance,
identity information of the eUICC of the terminal that needs to download the profile
of the operator.
[0158] In addition, in this embodiment of the present invention, an SM-DP verifies whether
a download certificate in the download request is valid to determine whether the initiated
download request is valid, without verifying whether an object of the download request
is valid any longer; moreover, the download certificate may be obtained by the terminal
before the terminal initiates the download request. Therefore, the terminal can acquire
the certificate for downloading the profile of the operator, provided that the terminal
needs to download the profile of the operator into the eUICC of the terminal. That
is, in this embodiment of the present invention, a range of objects that can download
the profile of the operator may be extended to all eUICCs. In addition, in this embodiment
of the present invention, because the request for downloading the profile of the operator
is initiated by the terminal, an end user certainly can freely select an opportunity
for downloading the profile of the operator. Structures of the terminal, the eUICC,
and the SM-DP that are in the embodiments of the present invention are described in
FIG. 4 to FIG. 9 from a perspective of a functional module by using examples, and
structures of the terminal, the eUICC, and the SM-DP that are in the embodiments of
the present invention are further described in the following from a perspective of
a hardware module by using examples.
[0159] FIG. 10 is a schematic structural diagram of a terminal according to an eighth embodiment
of the present invention. As shown in FIG. 10, the terminal may include at least an
eUICC 101, an input apparatus 102, an output apparatus 103, a memory 104, and a processor
105, which are connected by using a bus 106. In specific implementation, the input
apparatus 102 in this embodiment of the present invention may be a touchscreen, a
keyboard, a microphone, a camera, a radio frequency antenna, or the like; the output
apparatus 103 in the present invention may be a display (or may be a touchscreen),
a loudspeaker, a radio frequency antenna, or the like. In this embodiment of the present
invention, the memory 104 is configured to store various kinds of information of the
terminal, and store program code; the processor 105 is configured to invoke the code
stored in the memory 104, and perform a corresponding operation.
[0160] In specific implementation, the processor 105 or the input apparatus 102 is configured
to acquire a download certificate used to download a profile of an operator and addressing
information of a subscription manager-data preparing SM-DP that stores the profile
of the operator. For example, the processor 105 may invoke application software stored
in the memory 104 to log in to a network platform of the operator, and acquire, from
the network platform, the download certificate used to download the profile of the
operator and the addressing information of the subscription manager-data preparing
SM-DP that stores the profile of the operator; the input apparatus 102 (for example,
a touchscreen, a key, or the like) may receive the download certificate used to download
the profile of the operator and the addressing information of the subscription manager-data
preparing SM-DP that stores the profile of the operator, where the download certificate
and the addressing information are manually entered by a user; the input apparatus
102 (a camera) may acquire, by scanning a two-dimensional code, the download certificate
used to download the profile of the operator and the addressing information of the
subscription manager-data preparing SM-DP that stores the profile of the operator.
Optionally, the processor 105 and the input apparatus may further acquire, in a same
manner of acquiring the download certificate and the addressing information of the
SM-DP, information such as an identity of the profile of the operator.
[0161] The output apparatus 103 (for example, a radio frequency) is configured to send,
to the SM-DP by using a subscription manager-secure routing SM-SR, a request for downloading
the profile of the operator, where the download request carries the certificate for
downloading the profile of the operator, an ID of the eUICC 90, and the addressing
information of the SM-DP. In specific implementation, the download request sent by
the output apparatus 103 may also include information such as an ICCID of the profile
of the operator, or an identity of the terminal, or a classification identity of the
terminal.
[0162] In specific implementation, the input apparatus 102 is configured to: receive the
profile of the operator that is sent by the SM-DP by using the SM-SR and is corresponding
to the download request, and transmit the profile of the operator to the eUICC 101
by using the bus 106, where the profile of the operator is obtained by the SM-DP according
to the identity of the profile of the operator after the SM-DP verifies that the certificate
that is for downloading the profile of the operator and is carried in the download
request is valid.
[0163] In specific implementation, the output apparatus 103 is further configured to send,
to the eUICC, the download certificate used to download the profile of the operator
and the addressing information of the subscription manager-data preparing SM-DP that
stores the profile of the operator, where the download certificate and the addressing
information are acquired by the processor 105 or the input apparatus 102. Optionally,
the output apparatus 103 may further send, to the eUICC, the identity of the profile
of the operator, or the identity of the terminal, or the classification identity of
the terminal.
[0164] In specific implementation, the input apparatus 102 is further configured to read,
from the eUICC, the ID of the eUICC and the addressing information of the SM-SR, and
send the ID of the eUICC and the addressing information of the SM-SR to the processor
105.
[0165] The processor 105 is further configured to generate the request for downloading the
profile of the operator, where the download request carries the certificate for downloading
the profile of the operator, the ID of the eUICC of the terminal, and the addressing
information of the SM-DP. Optionally, the download request may further include information
such as the identity of the profile of the operator, the identity of the terminal,
or the classification identity of the terminal.
[0166] Alternatively, the input apparatus 102 is further configured to receive, from the
eUICC, the request that is for downloading the profile of the operator and is generated
by the eUICC, where the download request carries the certificate for downloading the
profile of the operator, the ID of the eUICC of the terminal, and the addressing information
of the SM-DP. Optionally, the received download request may further include information
such as the identity of the profile of the operator, the identity of the terminal,
or the classification identity of the terminal.
[0167] The output apparatus 103 is further configured to send, to the eUICC, a command of
requesting or instructing the eUICC to generate and send the request for downloading
the profile of the operator.
[0168] FIG. 11 is a schematic structural diagram of an eUICC according to a ninth embodiment
of the present invention. As shown in FIG. 11, the eUICC may include: an input apparatus
111, an output apparatus 112, a memory 113, and a processor 114, which are connected
by using a bus 115, and the eUICC is connected to a terminal by using the bus 115.
In specific implementation, the input apparatus 111 and the output apparatus 112 may
be various interfaces used for communication between the eUICC and the terminal; the
processor 114 is a microprocessor inside the eUICC. The memory 113 stores a profile
that is of an operator and is needed by the terminal to access the operator, an ID
or address of the eUICC, an ID or address of an SM-SR to which the eUICC may be connected,
and the like.
[0169] In specific implementation, the processor 114 or the input apparatus 111 may be configured
to acquire a download certificate used to download the profile of the operator and
addressing information of a subscription manager-data preparing SM-DP that stores
the profile of the operator. For example, the input apparatus 111 may receive the
download certificate used to download the profile of the operator and the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator; or the input apparatus 111 may receive the download certificate used
to download the profile of the operator and the addressing information of the subscription
manager-data preparing SM-DP that stores the profile of the operator, where the download
certificate and the addressing information are entered by a user by using an interface
of software that is in the eUICC and is for downloading a profile of an operator;
or the processor 114 may log in to a network platform of the operator by invoking
built-in application software of the eUICC, and acquire, from the network platform,
the download certificate used to download the profile of the operator and the addressing
information of the subscription manager-data preparing SM-DP that stores the profile
of the operator.
[0170] Further, the processor 114 may generate a request for downloading the profile of
the operator, where the download request carries the certificate for downloading the
profile of the operator, the ID of the eUICC, and the addressing information of the
SM-DP.
[0171] Further, the output apparatus 112 may send the generated download request to the
SM-DP by using the subscription manager-secure routing SM-SR.
[0172] Further, the input apparatus 111 may receive the profile of the operator that is
sent by the SM-DP by using the SM-SR and that is corresponding to the download request,
where the profile of the operator is obtained by the SM-DP according to an identity
of the profile of the operator after the SM-DP verifies that the certificate that
is for downloading the profile of the operator and is carried in the download request
is valid.
[0173] Further, the output apparatus 112 specifically sends the generated download request
to an SM-SR with which the eUICC registers, where the download request carries the
certificate for downloading the profile of the operator, the ID of the embedded universal
integrated circuit card eUICC of the terminal, and the addressing information of the
SM-DP, so that after finding the SM-DP according to the addressing information of
the SM-DP, the SM-SR forwards, to the SM-DP, the download request that includes the
certificate for downloading the profile of the operator and the ID of the eUICC.
[0174] Further, before the processor 114 generates the request for downloading the profile
of the operator, the input apparatus 111 receives, from the terminal, a command of
requesting or instructing the eUICC to generate the request for downloading the profile
of the operator.
[0175] FIG. 12 is a schematic structural diagram of an SM-DP according to a tenth embodiment
of the present invention. As shown in FIG. 12, the SM-DP may include: an input apparatus
120, an output apparatus 121, a memory 122, and a processor 123, which are connected
by using a bus 124. In specific implementation, the input apparatus 120 in this embodiment
of the present invention may be a touchscreen, a keyboard, a microphone, a camera,
a radio frequency antenna, or the like; the output apparatus 121 in the present invention
may be a display (or may be a touchscreen), a loudspeaker, a radio frequency antenna,
or the like. In this embodiment of the present invention, the memory 122 is configured
to store program code; the processor 123 is configured to invoke the code stored in
the memory 122, and perform a corresponding operation. The memory 122 is further configured
to store a profile of an operator and information such as a certificate for downloading
the profile of the operator, and an ICCID of the profile of the operator.
[0176] In specific implementation, the input apparatus 120 is configured to receive, from
a terminal or an embedded universal integrated circuit card eUICC of the terminal,
a request that is for downloading the profile of the operator and is forwarded by
a subscription manager-secure routing SM-SR, where the download request carries an
ID of the eUICC and the certificate for downloading the profile of the operator.
[0177] In specific implementation, the processor 123 is configured to: after verifying that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, acquire, according to an identity of the profile
of the operator, the profile of the operator that is stored in the memory 122 and
is corresponding to the download request.
[0178] In specific implementation, the output apparatus 121 is configured to send, to the
eUICC by using the SM-SR, the profile of the operator that is acquired by the processor
123 and is corresponding to the download request.
[0179] In specific implementation, the input apparatus 120 is further configured to receive
and store the certificate for downloading the profile of the operator and the identity
of the profile of the operator, where the download certificate and the identity of
the profile of the operator are generated by the operator; or
the processor 123 is further configured to generate and store, according to a request
of the operator, the certificate for downloading the profile of the operator and the
identity of the profile of the operator.
[0180] In specific implementation, when the certificate for downloading the profile of the
operator is a randomly generated sequence code, and
when verifying that a sequence code that is carried in the download request and is
used as the download certificate is the same as a sequence code stored in the SM-DP,
the processor 123 determines that the certificate that is for downloading the profile
of the operator and is carried in the download request is valid.
[0181] When the certificate for downloading the profile of the operator is a string of encoded
data generated by encrypting metadata of the operator, and
when metadata obtained after processor 123 decodes, according to a decryption key
stored in the memory 122, encoded data carried in the download request is the same
as metadata that is of the profile of the operator and is stored in the SM-DP, the
processor 123 determines that the certificate that is for downloading the profile
of the operator and is carried in the download request is valid. In specific implementation,
the metadata may be extracted from the profile of the operator, and the metadata may
include an ICCID of the profile of the operator.
[0182] In specific implementation, the download request received by the input apparatus
120 further includes an identity of the terminal or a classification identity of the
terminal.
[0183] In this case, the processor 123 is specifically configured to: after verifying that
the certificate that is for downloading the profile of the operator and is carried
in the download request is valid, and verifying that the identity of the terminal
is an identity of an authorized terminal or that the classification identity of the
terminal is a classification identity of an authorized terminal, acquire, according
to the identity of the profile of the operator, the profile of the operator that is
stored in the memory 122 and is corresponding to the download request.
[0184] Modules in this embodiment of the present invention may be implemented by using a
universal integrated circuit (such as a central processing unit CPU) or an application-specific
integrated circuit (ASIC). A person of ordinary skill in the art may understand that
all or some steps of the various methods in the foregoing embodiments may be implemented
by a program instructing relevant modules. The program may be stored in a computer
readable storage medium. The storage medium may include: a flash memory, a read-only
memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM),
a magnetic disk, an optical disk, or the like.
[0185] FIG. 13 is a detailed schematic flowchart of a method for downloading and installing
a profile of an operator according to an eleventh embodiment of the present invention.
The procedure includes related procedures in most foregoing embodiments of the present
invention. In the following part, a profile is substituted for the subscription agreement
of the operator in each of the foregoing embodiments, and a token is substituted for
the download certificate in each of the foregoing embodiments. As shown in FIG. 12,
the procedure includes:
Step 1. According to information provided by an MNO, an SM-DP generates, for the MNO,
a profile that can be downloaded into an eUICC of a terminal, generates a token that
is used to download the profile, and stores the token in the SM-DP. Optionally, the
MNO may further limit a terminal or a terminal that is in a list and into which the
profile can be downloaded (for example, a batch of profiles generated for a batch
of smart meters of a meter manufacturer can be downloaded into only this batch of
meters of the meter manufacturer), or a type of a terminal (for example, whether the
profile can be downloaded into only a smartphone or a terminal of the Internet of
Things), where a manner of limiting the terminal or the type of the terminal may be
embodied by using an identity of the terminal or a classification identity of the
terminal.
Step 2. An end user selects the operator on line, or selects the operator in a retail
store/business hall, or purchases a card (similar to a recharge card) specially used
to download the profile, so as to acquire information necessary for downloading the
profile, such as the token, or an ID of the SM-DP that stores the profile; optionally,
the information may further include an ICCID of the profile.
Step 3. The user stores the token, the ID of the SM-DP, the ICCID, and the like to
the terminal or the eUICC by using a related application on the terminal, or an application
that is in the eUICC and is specially used to download the profile, or by scanning
a two-dimensional code (if the information is in a form of a two-dimensional code).
Step 4. The related application of the terminal reads an identity (such as an IMEI)
or a classification identity (for example, whether the terminal is an M2M device,
a smartphone, or the like) of the terminal, where this step is optional and is unnecessarily
executed.
Step 5. The terminal requests, by using an APDU message, the eUICC to initiate a request
for downloading the profile. Specifically, an INSTALL command defined in an existing
GPCS may be extended; a new code is added to a P1 field of the INSTALL command to
indicate that the APDU message is a message of requesting the eUICC to initiate the
request for downloading the profile; a DATA field of the INSTALL command may carry
the token, the ICCID, and the ID of the SM-DP, and may further carry an identity or
a classification of the terminal.
[0186] (In the foregoing step 1 to step 5, the eUICC is mainly enabled to acquire information,
such as the token, the ICCID, the ID of the SM-DP, and the identity of the terminal
or the classification identity of the terminal, that is needed for downloading the
profile.) Step 6. The eUICC and an SM-SR perform bidirectional authorization. The
eUICC stores information such as an ID or address of the SM-SR.
[0187] Step 7. After the bidirectional authorization, the eUICC sends, to the SM-SR, the
request for downloading the profile; and before sending the request for downloading
the profile, the eUICC generates the download request according to the token, the
ICCID, the ID of the SM-DP, the identity of the terminal or the classification identity
of the terminal, and the like that are acquired. The download request carries at least
the token, an ID of the eUICC (marked as an eID for short) and the ID of the SM-DP,
and optionally, may further carry the ICCID and the identity of the terminal or the
classification identity of the terminal.
[0188] Step 8. The SM-SR verifies whether a new profile is allowed to be downloaded into
the eUICC (for example, the SM-SR detects whether a corresponding policy allows a
new profile to be downloaded into the eUICC, and the like; for example, it is assumed
that the terminal is a mobile carrier-branded smartphone, and the profile is a profile
for accessing a telecommunications network, the profile for accessing a telecommunications
network cannot be downloaded into an eUICC of a mobile terminal, and in this case,
a verification result of step 8 is that a new profile is not allowed to be downloaded
into the eUICC), and if a new profile is allowed to be downloaded into the eUICC,
finds a corresponding SM-DP according to the ID of the SM-DP, and executes step 10.
[0189] Step 9. If verifying that a new profile is not allowed to be downloaded into the
eUICC, the SM-SR returns failure notification to the eUICC, and the solution ends.
[0190] Step 10. The SM-SR and the SM-DP perform bidirectional authorization.
[0191] Step 11. The SM-SR sends, to the SM-DP, the request for downloading the profile,
where the request carries the token, the ID of the eUICC, and optionally, may further
carry the ICCID, the identity of the terminal or the classification identity of the
terminal, and an EIS.
[0192] (Step 6 to step 11 is a process in which the eUICC sends, to the SM-DP, the request
for downloading the profile, and the download request is forwarded by the terminal
and the SM-SR in the process, where the terminal provides only a transparent transmission
function, and therefore, it may be considered that the process is direct communication
between the eUICC and the SM-SR.)
[0193] Step 12. The SM-DP verifies whether the token carried in the request for downloading
the profile is a valid token, and if the token is valid and the token is obtained
by performing an encryption operation on the ICCID, the SM-DP performs a corresponding
inverse operation to obtain the ICCID, so as to acquire the profile that needs to
be downloaded; or if the request message in step 7 carries the ICCID, the SM-DP may
acquire, according to the ICCID carried in the request message, the profile that needs
to be downloaded; or the SM-DP may acquire, according to the ICCID locally stored
in the SM-DP, the profile that needs to be downloaded.
[0194] Step 13. The SM-DP verifies, according to the EIS and the identity of the terminal
or the classification identity of the terminal, whether the profile can be downloaded
into the eUICC of the terminal (that the SM-DP verifies, according to an EIS, whether
a profile can be downloaded into the eUICC is the same as that in the prior art described
in the background).
[0195] Step 14. If the verification fails, return failure notification to the eUICC.
[0196] (Step 12 to step 14 is a process in which the SM-DP verifies the token and the identity
of the terminal or the classification identity of the terminal to determine whether
a particular profile can be downloaded into the eUICC.)
[0197] Step 15-17. After the verification in steps 12 and 13 succeeds, the SM-DP requests
the SM-SR to create new storage space (which is subsequently marked as a container)
in the eUICC.
[0198] Step 18. The SM-DP establishes a profile installer credential (profile installer
credentials, PIC) by using the SM-SR and the eUICC, where the PIC is used to decrypt
and install a downloaded profile, and establishing of the PIC may use an existing
shared key generation method, such as key negotiation, key distribution, or the like.
[0199] Step 19. The SM-DP sends, to the eUICC, a request for downloading and installing
the profile.
[0200] Step 20. The eUICC verifies whether the SM-DP is authorized to download and install
the profile in the eUICC, which is specifically verified by using the PIC.
[0201] Step 21. The eUICC returns a verification response to the SM-DP.
[0202] Step 22. If the verification succeeds, the SM-DP initiates a procedure for downloading
and installing the profile, and transmits an encrypted profile to the eUICC by using
the SM-SR.
[0203] Step 23. The eUICC performs integrity verification and the like on the received profile,
and decrypts and installs the profile after the verification succeeds.
[0204] Step 24. The eUICC sends, to the SM-SR, a confirmation message of installation of
the profile, where the confirmation message carries an updated EIS.
[0205] Step 25. The eUICC notifies the user that the profile has been successfully downloaded
and installed.
[0206] Step 26. The SM-SR updates the EIS.
[0207] Step 27. The SM-SR sends, to the SM-DP, a confirmation message of downloading and
installation of the profile.
[0208] Step 28. The SM-DP notifies the MNO that the profile identified by the ICCID has
been downloaded into the eUICC identified by the eID, so that the MNO associates the
eID with the ICCID.
[0209] In specific implementation, steps 15 to 28 in this embodiment is the same as those
in the prior art, and detailed description of specific implementation of the steps
is not provided herein again.
[0210] FIG. 14 is a detailed schematic flowchart of a method for downloading and installing
a profile of an operator according to a twelfth embodiment of the present invention.
The procedure includes related procedures in most foregoing embodiments of the present
invention. In the following part, a profile is substituted for the subscription agreement
of the operator in each of the foregoing embodiments, and a token is substituted for
the download certificate in each of the foregoing embodiments. This embodiment and
the embodiment shown in FIG. 13 differ in that a request for downloading a profile
is initiated by a terminal instead of initiating by an eUICC. As shown in FIG. 14,
the procedure includes:
Step 1. According to information provided by an MNO, an SM-DP generates, for the MNO,
a profile that can be downloaded into an eUICC of a terminal, generates a token that
is used to download the profile, and stores the token in the SM-DP. Optionally, the
MNO may further limit a terminal or a terminal that is in a list and into which the
profile can be downloaded (for example, a batch of profiles generated for a batch
of smart meters of a meter manufacturer can be downloaded into only this batch of
meters of the meter manufacturer), or a type of a terminal (for example, whether the
profile can be downloaded into only a smartphone or a terminal of the Internet of
Things), where a manner of limiting the terminal or the type of the terminal may be
embodied by using an identity of the terminal or a classification identity of the
terminal.
Step 2. An end user selects an operator on line, or selects an operator in a retail
store/business hall, or purchases a card (similar to a recharge card) specially used
to download the profile, so as to acquire information necessary for downloading the
profile, such as the token, or an ID of the SM-DP that stores the profile; optionally,
the information may further include an ICCID of the profile.
Step 3. The user stores the token, the ID of the SM-DP, the ICCID, and the like to
the terminal or the eUICC by using a related application on the terminal, or an application
that is in the eUICC and is specially used to download the profile, or by scanning
a two-dimensional code (if the information is in a form of a two-dimensional code).
Step 4. The related application of the terminal reads an identity (such as an IMEI)
or a classification identity (for example, whether the terminal is an M2M device,
a smartphone, or the like) of the terminal, where this step is optional and is unnecessarily
executed.
Step 5a. The terminal reads, from the eUICC, information such as an ID of the eUICC
and an ID or address of an SM-SR.
Step 6a. The terminal sends, to the SM-SR, a request for downloading the profile,
where the request message carries the token, addressing information of the SM-DP,
and the ID of the eUICC; optionally, the download request may further carry the identity
of the terminal or the classification identity of the terminal.
Step 7a. The eUICC and the SM-SR perform bidirectional authorization. In this solution,
the bidirectional authorization is initiated by the SM-SR.
Step 8. The SM-SR verifies whether a new profile is allowed to be downloaded into
the eUICC (for example, the SM-SR detects whether a corresponding policy allows a
new profile to be downloaded into the eUICC, and the like; for example, it is assumed
that the terminal is a mobile carrier-branded smartphone, and the profile is a profile
for accessing a telecommunications network, the profile for accessing a telecommunications
network cannot be downloaded into an eUICC of a mobile terminal, and in this case,
a verification result of step 8 is that a new profile is not allowed to be downloaded
into the eUICC), and if a new profile is allowed to be downloaded into the eUICC,
finds a corresponding SM-DP according to the ID of the SM-DP, and executes step 10.
Step 9. If verifying that a new profile is not allowed to be downloaded into the eUICC,
the SM-SR returns failure notification to the eUICC, and the solution ends.
Step 10. The SM-SR and the SM-DP perform bidirectional authorization.
Step 11. The SM-SR sends, to the SM-DP, the request for downloading the profile, where
the request carries the token, the ID of the eUICC, and optionally, may further carry
the ICCID, the identity of the terminal or the classification identity of the terminal,
and an EIS.
[0211] (Step 6 to step 11 is a process in which the eUICC sends, to the SM-DP, the request
for downloading the profile, and the download request is forwarded by the terminal
and the SM-SR in the process, where the terminal provides only a transparent transmission
function, and therefore, it may be considered that the process is direct communication
between the eUICC and the SM-SR.)
[0212] Step 12. The SM-DP verifies whether the token carried in the request for downloading
the profile is a valid token, and if the token is valid and the token is obtained
by performing an encryption operation on the ICCID, the SM-DP performs a corresponding
inverse operation to obtain the ICCID, so as to acquire the profile that needs to
be downloaded; or if the request message in step 7 carries the ICCID, the SM-DP may
acquire, according to the ICCID carried in the request message, the profile that needs
to be downloaded; or the SM-DP may acquire, according to the ICCID locally stored
in the SM-DP, the profile that needs to be downloaded.
[0213] Step 13. The SM-DP verifies, according to the EIS and the identity of the terminal
or the classification identity of the terminal, whether the profile can be downloaded
into the eUICC of the terminal (that the SM-DP verifies, according to an EIS, whether
a profile can be downloaded into the eUICC is the same as that in the prior art described
in the background).
[0214] Step 14. If the verification fails, return failure notification to the eUICC.
[0215] (Step 12 to step 14 is a process in which the SM-DP verifies the token and the identity
of the terminal or the classification identity of the terminal to determine whether
a particular profile can be downloaded into the eUICC.)
[0216] Step 15-17. The SM-DP requests the SM-SR to create new storage space (which is subsequently
marked as a container) in the eUICC.
[0217] Step 18. The SM-DP establishes a profile installer credential (profile installer
credentials, PIC) by using the SM-SR and the eUICC, where the PIC is used to decrypt
and install a downloaded profile, and establishing of the PIC may use an existing
shared key generation method, such as key negotiation, key distribution, or the like.
[0218] Step 19. The SM-DP sends, to the eUICC, a request for downloading and installing
the profile.
[0219] Step 20. The eUICC verifies whether the SM-DP is authorized to download and install
the profile in the eUICC, which is specifically verified by using the PIC.
[0220] Step 21. The eUICC returns a verification response to the SM-DP.
[0221] Step 22. If the verification succeeds, the SM-DP initiates a procedure for downloading
and installing the profile, and transmits an encrypted profile to the eUICC by using
the SM-SR.
[0222] Step 23. The eUICC performs integrity verification and the like on the received profile,
and decrypts and installs the profile after the verification succeeds.
[0223] Step 24. The eUICC sends, to the SM-SR, a confirmation message of installation of
the profile, where the confirmation message carries an updated EIS.
[0224] Step 25. The eUICC notifies the user that the profile has been successfully downloaded
and installed.
[0225] Step 26. The SM-SR updates the EIS.
[0226] Step 27. The SM-SR sends, to the SM-DP, a confirmation message of downloading and
installation of the profile.
[0227] Step 28. The SM-DP notifies the MNO that the profile identified by the ICCID has
been downloaded into the eUICC identified by the eID, so that the MNO associates the
eID with the ICCID.
[0228] The foregoing descriptions are merely exemplary embodiments of the present invention,
but are not intended to limit the protection scope of the present invention as set
out by the claims.